I don’t like people adding tracking stuff to URLs.
Still less do I like people adding tracking stuff to my URLs.

https://chrismorgan.info/no-query-strings?ref=example.com? Did I ask?
If I wanted to know I’d look at the Referer header; and if it isn’t there, it’s probably for a good reason.
You abuse your users by adding that to the link.

https://chrismorgan.info/no-query-strings?utm_source=example&utm_&c.?
Hey! That one’s even worse, UTM parameters are for me to use, not you.
Leave my URLs alone.

So I’ve decided to try a blanket ban for this site: no unauthorised query strings.

At present I don’t use any query strings.
If I ever start using any query strings, I’ll allow only known parameters.
(In past times I used ?t=… and ?h=… cache-busting URLs for stylesheet URLs;
and I decided I’m okay breaking such requests; there shouldn’t be any legitimate ones.)

Want to see what happens if you add a query string? Go ahead, try it.

It’s my website: I can do what I want with it.

And you can do what you want with yours!

This is currently implemented in my Caddyfile.